Supply Chain Security Assurance Officer - Guildford, United Kingdom - BAE Systems

BAE Systems
Guildford, United Kingdom

2 weeks ago

Posted by: Tom O'Connor, beBee Recruiter


Description
BAE Systems Digital Intelligence is home to 4,800 digital, cyber and intelligence experts.

We work collaboratively across 16 countries to collect, connect and understand complex data, so that governments, nation states, armed forces and commercial businesses can unlock digital advantage in the most demanding environments.


BAE Systems Digital Intelligence

Role Profile

1. Role Details

  • Job Role: Information Security Supply Chain Officer
  • Reports To (job role): Information Security Assurance Lead
  • Business Unit/Capabilities/Function: Security
  • Sub Group/Practice: Information Security Team


2. Role Purpose

  • Information Security's mandate is to reduce risk exposure and certify that controls are in place to assure the confidentiality, integrity and availability of information flow, both internally and externally.
  • Team members work in collaboration with Programme and Project Managers, Architects, Business Analysts, Suppliers and specialist teams (Procurement, Data Privacy, Engineering, Cloud Operations, Networking and Infrastructure).
  • As Information Security Supply Chain Officer you will be working within a multifaceted group, providing, managing and promoting Supply Chain Management ("SCM") on behalf of Digital Intelligence.
  • As the SCM SME (Subject Matter Expert) you will certify compliance, risk mitigation/elimination and critical security control observance of Digital Intelligence's supply chain.
  • Supplier reassurance is a vital aspect of this role, maintaining compliance levels according to the supplier's category.
  • Additional duties will be to assist with other InfoSec Assurance analytical and/or reporting tasks.

3. Core Duties / Key Accountabilities

  • Information Security's main point of contact for Supplier management, maintenance and reassessment.
  • Maintaining master records, undertaking annual, biannual and tertiary reassessments.
  • Support in the measurement and reporting of Supplier risk and associated threat management.
  • Maintain the relationship with the risk management SaaS platform provider.
  • Assist in activities to preserve Supplier compliance with BAE Systems standards, in particular NIST SP controls, as well as ISO27001, Cloud frameworks and associated legal and regulatory controls.
  • Support the InfoSec Assurance Lead in the provision of any additional analytical and/or reporting tasks.
  • Provide assistance within the InfoSec team when required, for example Operations, assisting with workloads.
  • Accept ad hoc responsibilities as directed by the Head of Information Security or Chief Security Officer.
  • Promote and embrace BAE Systems Behaviours.

Budget Holder Responsibility _(if applicable)_:


  • N/A

Vendor Management Responsibility _(if applicable)_:


  • Liaison with Procurement, Privacy/Legal team, Supplier Owners, 3rd Party Vendors, and Service Providers.
  • Liaison with Stakeholders, Project Managers, Architects, Business Analysts and other specialist teams.

Direct Reports _(if applicable)_:


  • N/A

Accountable for overall headcount of _(if applicable)_:

  • N/A

4. Functional Knowledge (Requirements for knowledge of functional work and activities, the technical expertise)


Requirements:


  • Experience of working within Supplier Relationship Management, enterprise-wide assessment of Suppliers' security posture, performance and capabilities.
  • Ability to work within a multifaceted team environment, possessing organisational, time management and discretionary skills.
  • An ability to work independently and engage with 3rd and 4th Party Vendors, Supplier Owners, Service Providers, Procurement, Data Privacy, Project Teams and stakeholders.
  • Analytical, problem-solving and interpersonal skills.

Desirable Qualifications:


  • Desirable: recognised professional or security qualification, supply chain management certification, membership of an applicable professional organisation, e.g. CIPS, IoSCM, ASCM, CISMP
  • Excellent communications and documentation skills.
  • Ability to obtain Security Check (SC) clearance.
  • UK National status or equivalent residency status.

5. Business Expertise (Requirements of the role for knowledge and expertise about the business, rather than the technical expertise)

  • Understanding key connections, roles and relationships.

6. Leadership (Requirements of the role for providing leadership and guidance to others, complexity of team(s) managed)

  • Direction and support of BAE Systems Digital Intelligence employees, providing expertise and guidance.

7. Problem Solving (Breadth of mental skills required in order to perform the role)

  • Ability to identify and effectively communicate business related security risks.

8. Nature of Impact (Impact on business by detailing the overall responsibility associated with the role)

  • Responsible for ensuring continual compliance in line with Assurance activities.

9. Area of Impact (Busine
